fix(security): pin packages/cli runtime dependencies to exact versions #68

Open
xiaolai wants to merge 1 commit into codeaholicguy:main from xiaolai:fix/nlpm-pin-cli-deps

xiaolai commented Apr 21, 2026

Automated audit: This PR was generated by NLPM, a natural language programming linter, running via claude-code-action. Please evaluate the diff on its merits.

Bug

packages/cli/package.json declares runtime dependencies with ^ (caret) ranges, meaning npm can silently resolve to any compatible minor/patch version:

"chalk": "^4.1.2",
"commander": "^11.1.0",
"yaml": "^2.3.4",
"zod": "^3.25.76",
...

For a published CLI tool, unpinned runtime dependencies create a supply chain window: if any of these packages is compromised at a minor/patch release between the time the lock file was generated and when a user installs the package, the user's npm install would pull in the malicious version (since end users typically don't have the repo's lock file).

Fix

Pins each runtime dependency to the exact version currently resolved in package-lock.json:

| Package | Before | After | Note |
| --- | --- | --- | --- |
| chalk | ^4.1.2 | 4.1.2 | same |
| commander | ^11.1.0 | 11.1.0 | same |
| debug | ^4.4.3 | 4.4.3 | same |
| fs-extra | ^11.2.0 | 11.3.2 | locked minor bump |
| gray-matter | ^4.0.3 | 4.0.3 | same |
| inquirer | ^8.2.6 | 8.2.7 | locked patch bump |
| ora | ^5.4.1 | 5.4.1 | same |
| smol-toml | ^1.6.1 | 1.6.1 | same |
| yaml | ^2.3.4 | 2.8.3 | locked minor bump |
| zod | ^3.25.76 | 3.25.76 | same |

The @ai-devkit/* workspace packages were already pinned to exact versions and are unchanged.

Impact

Low severity. This is supply chain hardening for the published npm package. End users installing ai-devkit from the registry don't have access to the repo's lock file, so pinning in package.json is the only protection they have against a compromised dependency release.

Co-Authored-By: Claude Code <noreply@anthropic.com>
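
The pinning step described in this PR, as an added example (not code from the PR, from NLPM or from ai-devkit): it lists direct dependencies declared as ranges and looks up the exact version a v2/v3 `package-lock.json` resolved for each. The function names, the hoisted `yaml` 1.10.2 entry and the `example-*` packages are assumptions made for illustration.

```javascript
// Exact version: MAJOR.MINOR.PATCH with optional prerelease/build, no range operator.
const EXACT = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

function classify(spec) {
  if (EXACT.test(spec)) return 'exact';
  if (/^(workspace:|file:|link:|git\+|https?:|github:)/.test(spec)) return 'non-registry';
  return 'range'; // ^, ~, >=, x-ranges, *, and dist-tags such as "latest"
}

// pkg: parsed package.json of the workspace; lock: parsed package-lock.json (v2/v3).
// pkgDir: workspace path relative to the lockfile, e.g. "packages/cli".
function pinPlan(pkg, lock, pkgDir) {
  const plan = [];
  for (const [name, spec] of Object.entries(pkg.dependencies || {})) {
    if (classify(spec) !== 'range') continue;
    // A workspace-specific copy is nested under <pkgDir>/node_modules; otherwise it is hoisted.
    const entry = lock.packages[`${pkgDir}/node_modules/${name}`]
      || lock.packages[`node_modules/${name}`];
    plan.push({ name, before: spec, after: entry ? entry.version : null });
  }
  return plan;
}

// Returns a copy of pkg with every resolvable range replaced by its locked version.
function applyPins(pkg, plan) {
  const deps = { ...pkg.dependencies };
  for (const { name, after } of plan) if (after) deps[name] = after;
  return { ...pkg, dependencies: deps };
}

// Constructed sample input. chalk, fs-extra and yaml 2.8.3 mirror the PR table;
// the hoisted yaml 1.10.2 and the two example-* packages are hypothetical.
const SAMPLE_PKG = { dependencies: {
  chalk: '^4.1.2', 'fs-extra': '^11.2.0', yaml: '^2.3.4',
  'example-exact': '1.0.0', 'example-missing': '^1.0.0' } };
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  'node_modules/chalk': { version: '4.1.2' },
  'node_modules/fs-extra': { version: '11.3.2' },
  'node_modules/yaml': { version: '1.10.2' },
  'packages/cli/node_modules/yaml': { version: '2.8.3' } } };

console.table(pinPlan(SAMPLE_PKG, SAMPLE_LOCK, 'packages/cli'));
```

Exact specs in `package.json` constrain only direct dependencies; transitive ones still resolve through the ranges their own manifests declare.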